The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
Podcast - Robots, Rights and New Tech: Balancing Innovation and Data Privacy
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 211: Cybersecurity and Privacy Risks for the Healthcare Industry with Brandon Robinson of Maynard Nexsen
The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
On March 18, 2024, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) updated its December 2022 guidance for HIPAA-regulated entities regarding the use of online tracking technologies...more
In light of the DOJ’s most recent guidance on the use of personal devices and third-party messaging applications by corporate personnel, this White Paper addresses issues and challenges that companies are facing in this area...more
In June 2023, the Privacy Commissioner for Personal Data in Hong Kong (the “Commissioner”) released a new guidance note on data breach handling and notifications (the “Guidance Note”). The purpose of this note is to assist...more
The guidance encourages organisations to formulate a data breach response plan, and outlines recommendations for handling an increasing number of data breach incidents. On 30 June 2023, the Office of the Privacy...more
On May 10, the National Institute of Standards and Technology (NIST) released its initial public draft of SP 800-171, Revision 3, a set of updated guidelines aimed at helping organizations better handle confidential...more
The updated guidelines (05/2021) from the European Data Protection Board (“EDPB”) issued on 14 February 2023 (the “New Guidelines”) look at the interplay of two fundamental, protective mechanisms contained in the EU GDPR....more
On June 9, 2021, OCR distributed an update to those on its Privacy List sharing links to alerts and resources for addressing the growing number and size of ransomware incidents. One such resource included a White House memo...more
On April 15, 2020, the Information Commissioner’s Office (ICO), the U.K.’s data protection authority, issued further guidance on its regulatory approach during the global COVID-19 pandemic. Following its March note that we...more
DPC has echoed concerns of other regulators around the use of tracking, analytics and marketing cookies by companies. The Irish Data Protection Commission has issued new cookies and tracking Guidance and a Report following...more
They grow up so fast! A sentiment – and challenge – shared by parents and technologists alike. Just when you think you’ve finally figured it out, you blink, and they’re unrecognizable. The old rules can no longer be trusted...more
The owner of a video social networking app, Musical.ly, has agreed to pay a $5.7 million civil penalty to settle a complaint brought by the Federal Trade Commission (FTC) alleging violations of the Children’s Online Privacy...more
• The NFA has determined that registered CPOs must implement an internal controls system and highlighted best practices for such a framework. • In response to certain frequently asked questions, the NFA has also updated its...more
Dear clients and friends, For this edition of the Corporate Communicator, we summarize key considerations of an interpretative release from the SEC about the SEC’s views on companies’ disclosure obligations relating to...more
Answering the centuries’ old question, it appears it is the Federal Trade Commission (“FTC”) that watches the watchmen. The FTC sent warning letters to a pair of foreign app developers cautioning them that their practices of...more
On February 21, 2018, the Securities and Exchange Commission issued an interpretive release1 providing important guidance to certain registrants on cybersecurity disclosure. Coming on the heels of dozens of high-profile...more
On February 21, 2018, the Securities and Exchange Commission (SEC) issued an interpretive Commission Statement and Guidance on Public Company Cybersecurity Disclosures (the "Guidance") to assist public companies in meeting...more
The Securities and Exchange Commission (“SEC”) released expansive interpretive guidance (“2018 Guidance”), posted February 21, 2018, further building upon its far-reaching cybersecurity guidance provided in 2011. Below are...more
On February 26, in the wake of significant and far-reaching cybersecurity breaches (e.g., the Equifax Data Breach), the SEC published interpretive guidance to assist public companies in preparing disclosures about...more
The U.S. Securities and Exchange Commission has issued guidance on cybersecurity disclosure. Companies must establish and maintain appropriate disclosure controls and procedures to make accurate and timely disclosures of...more
The Securities and Exchange Commission (SEC) expanded its warnings to public companies that generic disclosures identifying cybersecurity risk factors may be insufficient. Rather, the SEC seems to expect companies to conduct...more
• The U.S. Securities and Exchange Commission (SEC) released, on Feb. 21, 2018, updated guidance regarding public company cybersecurity disclosures. The guidance updates the Commission's 2011 non-binding guidance and...more
...The Securities and Exchange Commission (the “Commission”) Wednesday announced updated cybersecurity guidance for public companies. This guidance reinforces the Division of Corporation Finance guidance issued in October...more
The Federal Trade Commission (“FTC”) released an updated guidance document for complying with the Children’s Online Privacy Protection Act (“COPPA”). The revised guidance, released on June 21, 2017, explicitly identifies...more